CVE-2008-6792

CWE-3105 documents5 sources
Severity
5.0MEDIUM
EPSS
0.4%
top 40.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Ubuntu Linux
Timeline
PublishedMay 7
Latest updateMay 17

Description

system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used by "Users and Groups" in GNOME System Tools, hashes account passwords with 3DES and consequently limits effective password lengths to eight characters, which makes it easier for context-dependent attackers to successfully conduct brute-force password attacks.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

Debiansystem-tools-backends< 2.6.0-6.1+3
NVDubuntu/linux8.10

🔴Vulnerability Details

3
GHSA
GHSA-2v3q-89pj-mhxh: system-tools-backends before 22022-05-17
CVEList
CVE-2008-6792: system-tools-backends before 22009-05-07
OSV
CVE-2008-6792: system-tools-backends before 22009-05-07

📋Vendor Advisories

1
Debian
CVE-2008-6792: system-tools-backends - system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used by "Users ...2008
CVE-2008-6792 (MEDIUM CVSS 5) | system-tools-backends before 2.6.0- | cvebase.io